package com.cskaoyan.config;

import com.cskaoyan.bean.admin.Admin;
import com.cskaoyan.realm.AdminRealm;
import com.cskaoyan.realm.MallAuthenticator;
import com.cskaoyan.realm.WxRealm;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.ArrayList;
import java.util.LinkedHashMap;

@Configuration
public class ShiroConfig {
    /**
     * 跨域后保持session不变所需要的组件
     * @return
     */
    @Bean
    public DefaultWebSessionManager webSessionManager() {
        MallSessionManager mallSessionManager = new MallSessionManager();
        return mallSessionManager;
    }

    /**
     * shiro核心组件：securityManager
     * 需要设置SessionManager
     * 设置Realm
     */
    @Bean
    public DefaultWebSecurityManager securityManager(AdminRealm adminRealm,MallAuthenticator mallAuthenticator) {
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        defaultWebSecurityManager.setSessionManager(webSessionManager());
        defaultWebSecurityManager.setRealm(adminRealm);
        defaultWebSecurityManager.setAuthenticator(mallAuthenticator);
        return defaultWebSecurityManager;
    }

    /**
     * 声明式鉴权所需要的组件
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
        return authorizationAttributeSourceAdvisor;
    }

    /**
     * 处理认证和授权信息
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
//        shiroFilterFactoryBean.setLoginUrl("/");
        shiroFilterFactoryBean.setSecurityManager(securityManager);

        LinkedHashMap<String, String> filterMap = new LinkedHashMap<>();
        //放行所有
//        filterMap.put("/**","anon");

        filterMap.put("/admin/auth/login","anon");
        filterMap.put("/wx/**","anon");
        filterMap.put("/**","perms");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        return shiroFilterFactoryBean;
    }

    @Bean
    public MallAuthenticator mallAuthenticator(AdminRealm adminRealm, WxRealm wxRealm) {
        MallAuthenticator mallAuthenticator = new MallAuthenticator();
        ArrayList<Realm> realms = new ArrayList<>();
        realms.add(adminRealm);
        realms.add(wxRealm);
        mallAuthenticator.setRealms(realms);
        return mallAuthenticator;
    }
}
